Apple AirPort Extreme Driver Beacon Frame Denial Of Service Vulnerability

Bugtraq ID:	21383
Class:	Boundary Condition Error
CVE:	CVE-2006-6292
Remote:	Yes
Local:	No
Published:	Dec 01 2006 12:00AM
Updated:	Mar 08 2007 10:15PM
Credit:	LMH is credited with discovering this issue.
Vulnerable:	Apple Mac OS X Server 10.4.8 Apple Mac OS X 10.4.8 Apple Airport Extreme Driver 0
Not Vulnerable:

Apple AirPort Extreme Driver Beacon Frame Denial Of Service Vulnerability

Apple AirPort Extreme driver is prone to a denial-of-service vulnerability.

Successful exploits may allow remote attackers to crash affected computers, denying further service to legitimate users. Attackers may also be able to execute code, but this has not been confirmed.

This issue affects the Core Duo versions of Mac Mini, MacBook, and MacBook Pro Computers. Other Mac computers, including Core Duo 2 versions are not affected.

Apple AirPort Extreme Driver Beacon Frame Denial Of Service Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

Apple AirPort Extreme Driver Beacon Frame Denial Of Service Vulnerability

Solution:
Apple has released a fix to address this issue.


Apple Mac OS X Server 10.4.8

• Apple airportextremeupdate2007002.html
  http://www.apple.com/support/downloads/airportextremeupdate2007002.htm l

Apple Mac OS X 10.4.8

• Apple airportextremeupdate2007002.html
  http://www.apple.com/support/downloads/airportextremeupdate2007002.htm l

Apple AirPort Extreme Driver Beacon Frame Denial Of Service Vulnerability

References:

• About the security content of AirPort Extreme Update 2007-002 (Apple)
  
• Cisco TelePresence Video Communication Server (VCS) Homepage (Cisco)
  
• MOKB-30-11-2006 Apple Airport Extreme Beacon Frame Denial of Service (LMH)